Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
From trying to solve #1652724: Add empty table and text when there are no results, the best solution is to have a handler that is similar to the global textarea handler but does not use text formats or tokens, the output is just rendered through filter_xss_admin() instead. Patch attached.
Comment | File | Size | Author |
---|---|---|---|
#15 | 1676608-15.patch | 4.64 KB | damiankloip |
#14 | 1676608-14.patch | 3.1 KB | damiankloip |
#11 | 1676608-11.patch | 2.58 KB | damiankloip |
#10 | 1676608-10.patch | 2.59 KB | damiankloip |
#9 | 1676608-9.patch | 2.72 KB | damiankloip |
Comments
Comment #1
dawehnerI didn't tested the patch but from the code-side this looks fine.
Comment #2
damiankloip CreditAttribution: damiankloip commentedThanks dawehner, I have just fixed the handler naming in the docblock on this.
Comment #3
sunThe original patch in #1652724-9: Add empty table and text when there are no results had support for Views' tokens - any particular reason for why that has been dropped?
Shouldn't the internal handler name also be 'area_text_admin'?
I wonder whether "Administrative text" wouldn't make more sense?
(I've to admit I always struggled with the exposure of the internal "area" concept in the UI for the text "area" handler, which at least for me is steadily confused with a "textarea" form element.)
I also wonder whether this is a good, user-friendly help text/description...
I'm not sure, and I could be mistaken, and really, I'd be glad if I am, but I somewhat doubt that users understand what that filter_xss_admin() function means? ;-D
I'm don't know whether such a concept exists in Views API, but technically, this handler ideally should only be editable in the Views UI by users who have the "administer site configuration" permission. Though I guess such a concept does not exist yet.
Comment #4
damiankloip CreditAttribution: damiankloip commentedThanks sun.
dawehner suggested just dropping the token support on the handler. This is easy enough to add back in though.
The current key used in views for the regular text area is just 'area', so I was following this convention.
Yes, I think it would :)
Do you think just drop the part in the description about filter_xss_admin(), and just stick with the first sentence then?
Comment #5
sunI guess it would make sense to make the effect of filter_xss_admin() clear.
From an end-user perspective, the relationship with "administrative" and anything "admin" is actually irrelevant and non-existent. Intead, I think that the important difference to the other text area is:
- (quasi) unrestricted
- "unsecure"
- unfiltered (no text format and no filters)
The best way to clarify this is probably to combine a concise description with a concise label; e.g.:
Add unrestricted, custom text or markup. Warning: This may have security implications depending on the text being configured.
(Warning text taken from Filter module's text format permission descriptions.)
Comment #6
damiankloip CreditAttribution: damiankloip commentedHere is a patch with these wording changes in. Are we going with tokens? I do like the simplicity of just unfiltered text.
Comment #7
dawehnerUps i think there was a clear misunderstanding ... i thought we extend from views_handler_area_text to get the token support for free
Comment #8
sunI'll have to defer to @dawehner regarding tokens, but personally I'd love to have support for them.
Comment #9
damiankloip CreditAttribution: damiankloip commentedSomething like this instead?
Comment #10
damiankloip CreditAttribution: damiankloip commentedOops, this one
Comment #11
damiankloip CreditAttribution: damiankloip commentedor we alter the current content array, rather than replacing.... (both were in patch in #9).
Comment #12
damiankloip CreditAttribution: damiankloip commentedMaybe this title is better now too.
Comment #13
sunI'm not sure whether this kind of inheritance is really appropriate (the widget as well as the output is different after all), and I wonder whether other code might get confused by the additional/alternative but actually completely different inherited object.
It would make more sense for me to either move the token handling code into a shared base class for both, or just simply copy/duplicate it.
However, ultimately that's for @dawehner to decide. ;)
Comment #14
damiankloip CreditAttribution: damiankloip commented@dawehner: Made the changes. How about this?
Comment #15
damiankloip CreditAttribution: damiankloip commentedAnd renamed/....
Comment #16
dawehnerAwesome, sorry for all the review noise. Committed to 7.x-3.x and 8.x-3.x
Comment #17
sunWas the _admin handler still supposed to be contained...?
Comment #18
dawehnerSorry, I forgot to mention this. This file was ignored in the commit.